Top
Navigation
The Black Book of Identity Access Mgmt
This form does not yet contain any fields.
    « I'm so special | Main | RISK-based sec isn’t perfect … that’s why it’s called RISK »
    Thursday
    Nov102011

    The online waters can be rough

    DateThursday, November 10, 2011 at 04:26PM

    The Chicago River is a beautiful thing. Some architectural jewels line the thing. It’s a blast to eat at a café overlooking the water. When I come out of Union Station after riding the train downtown, I come out on Adams Street and immediately cross the bridge and the view in either direction (but especially north) is fantastic.

    You can actually grab a water taxi to get from one end to the other, which, at the right time of day, can actually be a good thing. There are sightseeing boats. And there are rentals.

    The city is building additional boathouses with canoe and kayak rentals. THIS is where it gets funky. The bigger boats create large wakes, and they have  to watch out not only for navigational hazards but also smaller craft. And sometimes the kayakers act like folks in little cars who zip in front of trucks.

    Not all the smaller craft guys are dummies. But I’ve seen them do some pretty dippy things. They get too close to the large wakes, which can flip them over. They ignore the very loud horns and risk getting plowed into. They don’t do this professionally or on a regular basis, so they don’t take the same precautions that the big boat captains do.

    Many states require you to take a safety course when you buy a gun. In Illinois, a teenager must drive forty chaperoned hours during the day and an additional ten hours at night before they can get a license. But kayakers get nothing more than a paddle and a couple of tips before they hit the water.

    It almost seems like when you register a domain, you should have to certify that you understand the risks. Because you’re a risk not only to yourself, but to others, if you aren’t secure. And if you’re launching your internal apps, through which your employees, customers, partners, and vendors interact, you are a risk to them.

    Policies; how you will secure things

    Policies ; terms of service; what you expect of your users

    Policies; reflect security, corporate, customer, audit and regulatory requirements

    Policies; what you expect of vendors, hosting services, etc.

    Policies; how you intend to create, enable, and monitor users and their activities

    Don’t be a kayaker on the choppy river of online commerce. And watch out for those really lame metaphors, too.

    AuthorJeff the IAM Guy | CommentPost a Comment |

    PrintView Printer Friendly Version

    EmailEmail Article to Friend

    Reader Comments

    There are no comments for this journal entry. To create a new comment, use the form below.

    PostPost a New Comment

    Enter your information below to add a new comment.

    My response is on my own website »
    Author Email (optional):
    Author URL (optional):
    Post:
     
    Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

    Notify me of follow-up comments via email.